897 matches found
CVE-2001-1387
The CVE-2001-1387 entry concerns the iptables package, specifically iptables-save in versions before 1.2.4. The issue is that iptables-save records the --reject-with icmp-host-prohibited rule as --reject-with tcp-reset, causing generated responses to diverge from the administrator’s configuration...
CVE-2001-1388
CVE-2001-1388 affects iptables prior to 1.2.4. The vulnerability stems from an inaccuracy in converting rate limits specified on the command line, which could cause administrators to see mismatched traffic levels (more or less) than intended. The articles do not provide exploit details or confirm...
CVE-2001-1387
iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--reject-with tcp-reset," which causes iptables to generate different responses than specified by the administrator, possibly leading to an information leak...
CVE-2002-0704
The Network Address Translation NAT capability for Netfilter "iptables" 1.2.6a and earlier leaks translated IP addresses in ICMP error messages...
CVE-2001-1387
iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--reject-with tcp-reset," which causes iptables to generate different responses than specified by the administrator, possibly leading to an information leak...
CVE-2001-1388
iptables before 1.2.4 does not accurately convert rate limits that are specified on the command line, which could allow attackers or users to generate more or less traffic than intended by the administrator...
PT-2001-1041 · Netfilter · Iptables
Name of the Vulnerable Software and Affected Versions: iptables versions prior to 1.2.4 iptables-1.2.4 iptables-ipv6-1.2.4 Description: The issue affects the iptables package, potentially leading to an information leak due to iptables generating different responses than specified by the...
Bug in Linux 2.4 / iptables MAC match module
-- | | || |/ / -- -- | /o| /o| | | |/o| | -- -- ||||/|| / ||/ -- -- netservers security advisory 01-09-26 -- SUBJECT : Bug in Linux 2.4 / iptables MAC match module SUMMARY : MAC match module does not match small packets EFFECTS : Malicious users may bypass MAC-based DROP rules pcAnywhere does not...
Проблемы с MAC-фильтрацией в iptables (protection bypass)
Не проверяются правила для мелких пакетов...
CVE-2001-0405
ipconntrackftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall...
Дырка в iptables/nat в linux (protection bypass)
Некорректная обработка команд FTP и других протоколов позволяет открыть любой порт сервера и приводит к возможности атаки из демилитаризованной в приватную зону...
CVE-2001-0405
ipconntrackftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall...
Important: Red Hat Security Advisory: Kernel
A security hole has been found that does not affect the default configuration of Red Hat Linux, but it can affect some custom configurations of Red Hat Linux 7.1. The bug is specific to the Linux 2.4 kernel series. Aside from the fix, countless bugfixes have been applied to this kernel as a resul...
Tempest Security Techonologies -- Adivsory #01/2001 -- Linux IPTables
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This advisory is also available at: http://www.tempest.com.br/advisories/01-2001.html Cristiano Lincoln Mattos, CISSP, SSCP CESAR - Centro de Estudos e Sistemas Avanзados do Recife ===== Tempest Security Technologies - Advisory 01 / 2001 =============...
01-2001.txt
===== Tempest Security Technologies - Advisory 01 / 2001 ============== Security flaw in Linux 2.4 IPTables using FTP PORT -------------------------------------------------- Tempest Security Technologies, a business unit of CESAR - Centro de Estudos e Sistemas Avançados do Recife Author: Cristian...
Linux Kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion
source: https://www.securityfocus.com/bid/2602/info The Linux kernel includes a built-in firewall implementation called IPTables. IPTables supports stateful inspection of several application protocols, one of which is FTP. The inspection is used to facilitate outgoing PORT connections for FTP dat...
Linux Kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion
Linux Kernel 2.4 - IPTables FTP Stateful Inspection Arbitrary Filter Rule Insertion source: https://www.securityfocus.com/bid/2602/info The Linux kernel includes a built-in firewall implementation called IPTables. IPTables supports stateful inspection of several application protocols, one of whic...